SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Microsoft IIS ScStoragePathFromUrl function buffer overflow attempt
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If:
This rule alerts when an attempt to exploit a buffer overflow in IIS ScStoragePathFromUrl is detected.
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
Buffer Overflow
Buffer Overflows occur when a memory location is filled past its expected boundaries. Computer attackers target systems without proper terminating conditions on buffers, which then write the additional information in other locations in memory, overwriting what is there. This could corrupt the data, making the system behave erratically or crash. The new information could include malicious executable code, which might be executed.
CVE-2017-7269 |
Loading description
|
Tactic: Execution
Technique: AppleScript
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org